Hi.
Is there any way to have my NAS running DSM 7.2.2 to create and keep an IPsec VPN tunnel towards a remote firewall? If not, is there a way the NAS can act as a Wireguard VPN client?
TIA
Personally i use tailscale
Easy and use wireguard.
I used OpenVPN on Synologys that were used for offside backup, and it worked great. So the NAS could be anywhere, usually at the home of a CEO and it would create a tunnel to the office. Then my former company switched to a different firewall brand, that didn’t have OpenVPN, but IP-Sec / L2TP, this did also work, but was extremely unstable.
For PPTP / OpenVPN / L2TP/IPSec VPNs (no installation of further apps required):
Control Panel > Network > Network Interface > Create > Create VPN Profile
For Wireguard (installation required):
Step 1 - Determine NAS model. https://kb.synology.com/en-me/DSM/tutorial/What_kind_of_CPU_does_my_NAS_have
Step 2 - Dowload Wireguard.spk file. https://drive.google.com/drive/folders/1Ci-8oWZ_gW8tH3mv5wKL19nKE1pR8ZfH
Help Guide: https://www.youtube.com/watch?v=Tf74tyE0YjQ
If not, is there a way the NAS can act as a Wireguard VPN client?
https://www.reddit.com/r/synology/comments/1hi6ee4/comment/m2zydts/
OK, let me detail a bit more:
I want to connect a remote Synology NAS to mine for Hyper Backup tasks. My NAS is behind a Fortigate firewall, which is of course capable of IPsec VPN (site-to-site, as well as dial-in).
So I thought that the remote Synology NAS would be able to establish an IPsec tunnel to my Fortigate - is this possible?
If the above is not possible, is there any Wireguard client that could be installed on the remote NAS? Because on my NAS I’m already happily running Wireguard server.
Can you tell me how you set up IPsec VPN between your Synology NAS and the remote device?
This Wireguard how-to is for the server - this I already have running on my “target” NAS. I’m looking for a client to install/run from the remote NAS.
TailScale does have a Synology client. It will tunnel right past your Fortigate Firewall.
Once installed on both Synology devices, they will act as if they are local to each other.
I use this to do Snapshot Replication. Each DSM replicates to the other one.
If you haven’t found already: This may help you regarding WG Client setup on DSM “Running wireguard as a client on synology”:
https://www.reddit.com/r/synology/comments/1by2g0m/comment/kykqzm4/
For simplicity, I personally use L2TP/IPSec protocol for remote NAS connections - works very reliably in my setup.
Interesting. Can you point me to some how-to/guide about this?